This guide was created in partnership between:
It's no secret that a layered security structure is the key to
TABLE OF CONTENTS
Introduction to Intrusion Detection and Prevention
IDS/IPS Architecture
Wireless Intrusion Detection
IDS/IPS Implementation and Placement
Troubleshooting and False Positives
Snort and Other Sniffers
Product Reviews and Buying Advice
The Future of Intrusion Detection and Prevention
More Learning Resources
| Introduction to Intrusion Detection and Prevention | Return to Table of Contents |
- Glossary Definition: Intrusion detection (SearchNetworking.com)
- Glossary Definition: Intrusion prevention (SearchNetworking.com)
- Tip: Intrusion detection basics (SearchSecurity.com)
- Tip: Common security measures (SearchNetworking.com)
- Quiz: Intrusion detection and prevention systems (SearchSecurity.com)
- Quiz: Intrusion-prevention systems (SearchSecurity.com)
- Advice: The ABCs of intrusion detection (SearchSecurity.com)
- Advice: How do intrusion detection systems work? (SearchNetworking.com)
- Advice: What are the algorithms and encryption methods used in intrusion prevention systems? (SearchNetworking.com)
- Book Chapter: The Tao of Network Security Monitoring, Beyond Intrusion Detection, Chapter 11 (SearchNetworking.com)
- Featured Topic: IDS best practices (SearchSecurity.com)
- Tutorial: A walk-through of an attack (SearchNetworking.com)
- Webcast: Five steps to IDS success (SearchSecurity.com)
| IDS/IPS Architecture | Return to Table of Contents |
- Article: Hybrid honeypots 'shadow' intrusion prevention systems (SearchSecurity.com)
- Article: Signature-based threats: Moving beyond 'picking off penguins' (SearchSecurity.com)
- Column: The preconditions for next-generation security (SearchNetworking.com)
- Tip: IDS: Signature versus anomaly detection (SearchSecurity.com)
- Tip: Bridging the gap between perimeter and host security (SearchSecurity.com)
- Tip: Battling worms with network-based IPS (SearchSecurity.com)
| Wireless Intrusion Detection | Return to Table of Contents |
- Tip: Beyond wireless intrusion detection (SearchNetworking.com)
- Tip: Wireless LAN intrusion detection (SearchSecurity.com)
- Tip: Managing Wi-Fi stations (SearchNetworking.com)
- Tip: Why distributed wireless IDS is needed (SearchSecurity.com)
- Tip: Signs of WLAN intrusion (SearchNetworking.com)
- Q&A: Wireless IDS, a crucial part of your security strategy (SearchSecurity.com)
- Review: AirMagnet Enterprise 5.0 steps up wireless IDS (SearchSecurity.com)
| IDS/IPS Implementation and Placement | Return to Table of Contents |
- Article: The evolving art of networking self-defense (SearchNetworking.com)
- Q&A: Tips for maximizing the effectiveness of IDS/IPS (SearchSecurity.com)
- Tip: Maximizing IDS/IPS implementations (SearchSecurity.com)
- Tip: Evaluating and tuning an intrusion detection system (SearchSecurity.com)
- Tip: Where to place IDS sensors (SearchSecurity.com)
- Tip: Troubleshooting firewalls (SearchNetworking.com)
- Advice: Implementing IDS in small- to medium-sized businesses (SearchSecurity.com)
- Advice: Firewall placement (SearchNetworking.com)
- Webcast: Secrets to using IDS and IPS effectively (SearchSecurity.com)
| Troubleshooting and False Positives | Return to Table of Contents |
- Glossary Definition: False positive (SearchNetworking.com)
- Article: New semantics-aware IDS reduces false positives (SearchSecurity.com)
- Q&A: Tips for maximizing the effectiveness of IDS/IPS (SearchSecurity.com)
- Tip: How to limit false positives in IPSes (SearchSecurity.com)
- Tip: Generic exploit blocking: A defense against malicious possibilities (SearchNetworking.com)
- Tip: Target-based IDS muffles the noise to take aim on the alerts that count (SearchSecurity.com)
- Tutorial: A walk-through of an attack (SearchNetworking.com)
- Tutorial: Guide to penetration testing (SearchNetworking.com)
| Snort and Other Sniffers | Return to Table of Contents |
- Glossary Definition: Snort (SearchSecurity.com)
- Glossary Definition: Sniffer (SearchNetworking.com)
- Article: Sniffer spinoff: Sign of weakness or opportunity? (SearchNetworking.com)
- Article: Sourcefire offers Snort certification and online training (SearchSecurity.com)
- Article: Sniffer update has a nose for data capture (SearchNetworking.com)
- Advice: What is a sniffer? (SearchNetworking.com)
- Advice: What's the difference between packet "sniffers" and protocol analyzers? (SearchNetworking.com)
- Tip: How to determine how many interfaces a sensor needs (SearchSecurity.com)
- Tip: What OS to use for Snort sensors (SearchSecurity.com)
- Tip: How to deal with switches and segments (SearchSecurity.com)
- Tip: Why Snort makes IDS worth the time and effort (SearchSecurity.com)
- Tip: How to verify that Snort is operating (SearchSecurity.com)
- Tip: How to automatically update Snort rules (SearchSecurity.com)
- Tip: Where to find Snort rules (SearchSecurity.com)
- Tip: How to decipher the Oinkcode (SearchSecurity.com)
| Product Reviews and Buying Advice | Return to Table of Contents |
- Review: Enterasys's Dynamic Intrusion Response is a 'hot' IPS (SearchSecurity.com)
- Review: Tripwire Enterprise provides robust, intrusion reporting (SearchSecurity.com)
- Review: AirMagnet Enterprise 5.0 steps up wireless IDS (SearchSecurity.com)
- Review: Products of the Year: Intrusion detection systems (SearchSecurity.com)
- Review: Products of the Year: Intrusion prevention systems (SearchSecurity.com)
- Review: Sentivist IPS (SearchSecurity.com)
- Article: Open-source IPS testing tool released (SearchSecurity.com)
- Advice: Choosing the 'hottest' IPS on the market (SearchSecurity.com)
| The Future of Intrusion Detection and Prevention | Return to Table of Contents |
- Article: New Cisco security strategy targets elusive threats (SearchNetworking.com)
- Article: A human connection to intrusion detection (SearchSecurity.com)
- Column: Linking security to the enterprise mission (SearchNetworking.com)
- Column: The 10 traits of effective security (SearchNetworking.com)
- Tip: Next-generation intrusion prevention: Defense before, during and after the attack (SearchSecurity.com)
- Tip: The future of network security: Intelligence behind IPS (SearchNetworking.com)
- Book Chapter: The future of intrusion detection and prevention (SearchSecurity.com)
- Presentation: Advanced intrusion defense (SearchSecurity.com)
- Featured Topic: Intrusion defense (SearchSecurity.com)
| More Learning Resources | Return to Table of Contents |
- Firewall Resource Guide
- Guide to network performance management
- Guide to network administration
- Snort Technical Guide
- Learning Guide: Understanding Your Authentication Options
This was first published in December 2005